Threat of the month: Government agencies

Major technology manufacturer products are having their security circumvented.

What is it?

The continued leak of classified government intelligence documents by Edward Snowden calls into question the balance between governments' offensive and defensive capabilities. These documents show an ability to monitor a variety of communications and to backdoor and embed into most major technology products. This creates a potential imbalance: offensive capabilities are available for use against foreign targets, while weaknesses in domestic technology usage are knowingly allowed to remain.

How does it work?

Products from major technology manufacturers are having their security circumvented, or their weaknesses leveraged, by domestic and foreign intelligence agencies in order to provide persistent backdooring of devices. This ranges from standard off-the-shelf servers to networking equipment and a variety of PC-based components. Once such backdoors are embedded in a system, they are very difficult to detect and remove, and they can continue to implant malware that provides access to your systems and information.

Should I be worried?

Yes, but probably not as much about your own government as about a foreign government that has the same level of capabilities. The reality is that these so-called catalogues of spying implants, backdoors and devices are something most modern countries have maintained since the birth of modern intelligence organizations and the time of the Cold War. They are just the modernized versions of toolkits and capabilities for reaching the same end that governments have sought for quite some time now: to understand their potential adversaries and, in some cases, to serve as tools of control for oppressive regimes.

How can I prevent it?

The level at which governments are currently backdooring low-level device components is not something that an average business can really prevent at this time.
